-
-
Notifications
You must be signed in to change notification settings - Fork 164
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Dependency Graph weirdness for root component when using processing v2 #1026
Comments
So, further testing seems to point at the fact that the projects that show 'name version' have sub-components defined in the SBOM (so metadata > component > components), whereas the projects that show the PURL have only a root component... Maybe this is actually an issue for the DT repo? I started posting it here because I had this behavior in the UI, but now I'm not so sure if this is the right place... |
Same cause as DependencyTrack/dependency-track#3978 (comment). Processing V1 did not import frontend/src/views/portfolio/projects/ProjectDependencyGraph.vue Lines 531 to 550 in 4ccfd8b
Given that projects are otherwise referred to by name and version throughout the application, I do agree that the dependency graph should follow that, and consistently use name and version for the root node. |
Fixes DependencyTrack#1026 Signed-off-by: nscuro <nscuro@protonmail.com>
Fixes DependencyTrack#1026 Signed-off-by: nscuro <nscuro@protonmail.com>
@nscuro I hate to say it, but this fix is not working for me... |
How are you testing? Is it still showing the PURL for the project node? It could be that the old version is still cached in your browser. |
You are right, resetting my cache fixed it! Should've thought of that myself... |
You shouldn't have to do it. #1050 should void the need to clear caches manually. |
Great update, but that wasn't in the other branch I tested yet, so... 😉 |
Oh, yeah, I meant to say I took your experience as a reason to implement #1050. Since asking you to clear your cache made me realize how off that is. 😅 |
Current Behavior
After activating v2 processing, the root component in a dependency graph is inconsistently rendered either as the name and version of the project (as it was in 4.11.x) or as a PURL. I'm not quite sure when/why it chooses to do one or the other, but I'd prefer it to use the previous way as to keep in line with all projects that were created before 4.12.
Steps to Reproduce
Expected Behavior
I expect the displayed name in the graph to be consistent between projects and prefer it to be the 'name version'-variant as it was before 4.12.
Dependency-Track Frontend Version
4.12.0
Browser
Mozilla Firefox
Browser Version
130.0.1
Operating System
macOS
Checklist
The text was updated successfully, but these errors were encountered: